"lei: umask(077) before opening errors.log"

user/dev discussion of public-inbox itself
 help / color / mirror / code / Atom feed

Search results ordered by [date|relevance]  view[summary|nested|Atom feed]
thread overview below | download mbox.gz: |

* [PATCH 3/3] lei: umask(077) before opening errors.log
  2021-09-21  9:29  5% ` [PATCH 0/3] lei: a few more annoyances fixed Eric Wong
@ 2021-09-21  9:29  7%   ` Eric Wong
  0 siblings, 0 replies; 2+ results
From: Eric Wong @ 2021-09-21  9:29 UTC (permalink / raw)
  To: meta

There's a chance some sensitive information (e.g. folder names)
can end up in errors.log, though $XDG_RUNTIME_DIR or
/tmp/lei-$UID/ will have 0700 permissions, anyways.
---
 lib/PublicInbox/LEI.pm | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/PublicInbox/LEI.pm b/lib/PublicInbox/LEI.pm
index 2df1f326..29293e6c 100644
--- a/lib/PublicInbox/LEI.pm
+++ b/lib/PublicInbox/LEI.pm
@@ -1225,6 +1225,7 @@ sub lazy_start {
 	$errors_log = "$sock_dir/errors.log";
 	my $addr = pack_sockaddr_un($path);
 	my $lk = bless { lock_path => $errors_log }, 'PublicInbox::Lock';
+	umask(077) // die("umask(077): $!");
 	$lk->lock_acquire;
 	socket($listener, AF_UNIX, SOCK_SEQPACKET, 0) or die "socket: $!";
 	if ($errno == ECONNREFUSED || $errno == ENOENT) {
@@ -1236,7 +1237,6 @@ sub lazy_start {
 		$! = $errno; # allow interpolation to stringify in die
 		die "connect($path): $!";
 	}
-	umask(077) // die("umask(077): $!");
 	bind($listener, $addr) or die "bind($path): $!";
 	$lk->lock_release;
 	undef $lk;

^ permalink raw reply related	[relevance 7%]

* [PATCH 0/3] lei: a few more annoyances fixed
  @ 2021-09-21  9:29  5% ` Eric Wong
  2021-09-21  9:29  7%   ` [PATCH 3/3] lei: umask(077) before opening errors.log Eric Wong
  0 siblings, 1 reply; 2+ results
From: Eric Wong @ 2021-09-21  9:29 UTC (permalink / raw)
  To: meta

The more I use it, the more I find wrong...

Eric Wong (3):
  t/lei-up: use '-q' to silence non-redirected test
  script/lei: handle SIGTSTP and SIGCONT
  lei: umask(077) before opening errors.log

 lib/PublicInbox/LEI.pm | 20 +++++++++++++-------
 script/lei             |  9 ++++-----
 t/lei-up.t             |  2 +-
 3 files changed, 18 insertions(+), 13 deletions(-)

^ permalink raw reply	[relevance 5%]

Results 1-2 of 2 | reverse | options above

-- pct% links below jump to the message on this page, permalinks otherwise --
2021-09-21  7:41     [PATCH 00/12] lei: fix various annoyances Eric Wong
2021-09-21  9:29  5% ` [PATCH 0/3] lei: a few more annoyances fixed Eric Wong
2021-09-21  9:29  7%   ` [PATCH 3/3] lei: umask(077) before opening errors.log Eric Wong
Code repositories for project(s) associated with this public inbox

	https://80x24.org/public-inbox.git

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).